Wave yellow 4 FINAL

Abnormal Security Protects CSC Generation Retail Brands From Compromised Vendors

While CSC Generation has robust security measures in place, unfortunately, the same couldn't be said for their vendors. To mitigate the risk of payment fraud via compromised vendor accounts, the organization added Abnormal to their security stack and the results spoke for themselves.

In the world of retail, the sheer volume of suppliers and invoices processed on a daily basis is central to business operations. For CSC Generation, this challenge is amplified by their aggressive corporate growth strategy. “We might not be a household name but we’re a holding company for famous retail brands such as DirectBuy, One Kings Lane, Z Gallerie, and Sur La Table. Our mission is to save retail by leveraging our proprietary technology and operating expertise,” says Justin Yoshimura, CEO and Founder.

As organizations like CSC Generation move their business to the cloud, their infrastructure transforms, and so do the attacks. According to the most recent 2020 FBI IC3 Report, the number one threat facing organizations are socially-engineered email attacks from compromised vendors. These novel threats evade traditional defenses and require a new approach to stop them.

Your Vendors’ Security Is the Culprit

When it comes to pinpointing where the weak link lies, the culprit is often third-party vendors with lax security controls. If their credentials are phished, the results are dangerous to their own organization and partners.

To add to the frustration, it’s common for organizations like CSC Generation to have a robust security stack and internal protocols in place to stop traditional attacks. “As a business, we have thousands of third-party vendors. And when it comes to our security tech stack, we thought we had it covered. CSC uses a lot of software security solutions and we have our own checks in place to protect against fraud,” says Yoshimura.

Their approach to security and having a proactive playbook designed to catch invoice fraud before it does any damage stands out as progressive and forward-thinking when compared to most organizational policies. “All of our employees use two-factor authentication and log-in via VPNs. We take security seriously,” added Yoshimura.

“Since we installed Abnormal, there has been no payment or vendor compromise fraud. None. They’ve completely removed this headache from our security and fraud teams.”
—Justin Yoshimura, CEO and Founder

When Traditional Security and Playbooks Fail

However, even the best-laid plans can still fall short. As Yoshimura explains, even though CSC Generation had a thoughtful and aggressive approach to stopping these attacks, it was still defrauded out of a significant sum of money. “Despite all of our security checks, we still got hit with a $100,000 payment fraud attack. It happened through one of our vendors who was compromised. The length the attacker was willing to go was extraordinary. They compromised the vendor account, then changed the phone numbers on the signature and redirected the thread to a lookalike domain where an extra character was added to the email address.”

“So when we went through our payment update playbook, the attacker was able to circumvent all the checks we had in place,” says Yoshimura.

“Despite all of our security checks, we still got hit with a $100,000 payment fraud attack. It happened through one of our vendors who was compromised."
—Justin Yoshimura, CEO and Founder

The Vendor Security Wake-Up Call

At that point, CSC Generation had come to realize their security is tied to their partner ecosystem, as Yoshimura explained, “the moment you realize you’re only as strong as your vendors’ security, it’s a wake-up call. It was time to look for a solution that is ahead of the times.”

That exploration led them to solutions with a differentiated approach to stopping third-party vendor attacks, one that uses AI/ML and behavioral data science to solve the problem. Abnormal Security stood out from the crowd.

“What led us to choose Abnormal Security is their approach and efficacy. They spoke our language, literally. They show you how they use AI/ML to stop vendor attacks right in the dashboard. Their approach gave us confidence that it’s the best solution on the market,” added Yoshimura.

“The moment you realize you’re only as strong as your vendors’ security, it’s a wake-up call.”
—Justin Yoshimura, CEO and Founder

Abnormal Delivers Results for CSC Generation

Once Abnormal was added to CSC Generation’s security stack, the results spoke for themselves. Yoshimura stated, “Since we installed Abnormal, there has been no payment or vendor fraud. None. They’ve completely removed this headache from our security and fraud teams.

“Before Abnormal, the amount of vendor and payment fraud attempts that would come into our company was sky-high. We now know it’s because traditional security solutions still use domain blocking and rule-based security to try to stop these attacks. But it’s not predictive and it doesn’t work, and that’s where the problem lies. Abnormal solves that problem completely.”

How Abnormal Security Stops Vendor Fraud

Before CSC Generation added Abnormal to the mix, they relied on the now considered “old approach” employed by gateways that uses threat intelligence and looks for known bad or indicators of compromise, like bad reputation, suspicious links, or malicious attachments in an email. But because vendor compromise attacks do not make use of these tactics, they evade conventional defenses.

The API-driven approach pioneered by Abnormal Security uniquely leverages behavioral data science to profile and baseline good behavior to detect anomalies and stop attacks. Abnormal Security delivers this breakthrough approach through a cloud-native email security platform that can be deployed instantly through a one-click API integration and can be used to extend and complement existing secure email gateways. “With the one-click API installation, we were able to get up and running in just one day,” added Yoshimura.

Abnormal’s behavioral data science approach is based on three pillars of technology: identity modeling, behavioral and relationship graphs, and deep content analysis. With these pillars, we’re able to profile the known good of an organization and then use it to detect and stop abnormal behavior to stop a broad range of attacks.

When it comes to advice for C-level executives looking for an answer to the problem, Yoshimura says, “Evaluate your existing security solutions and scrutinize how they handle vendor security. It’s the biggest threat you face.”

“Without Abnormal’s approach to vendor security, we would be open to these kinds of attacks.”
—Justin Yoshimura, CEO and Founder

See for yourself how Abnormal can help keep your organization safe from advanced email attacks. Request a demo today!

Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Resources

B 05 16 22 Elara Caring
Elara Caring's CISO consistently saw employees struggle to sort authentic messages from email attacks. He knew there was a better solution to protect patient data and improve the employee experience.
Read More
B 04 08 22 Digital Everything Customer Story
Upon integration with Abnormal, a Fortune Global 500 financial services organization learned that not only had 11,000+ advanced email attacks per month been bypassing its secure email gateway but more than 70 of its vendors had compromised accounts.
Read More
B 04 14 22 CISCO Guide to Phishing
Because phishing emails target human behavior, create a sense of urgency, and appear to come from trusted senders, they can be incredibly difficult to detect. Stopping them before they reach employee inboxes is the key to staying safe.
Download Now
H1 threat report cover
From June-December 2021, Abnormal Security discovered that nearly all types of advanced email attacks grew in frequency, with a new trend of phone fraud using email as the first contact.
Download Now
Everise case study cover
By mid-2021, Everise had more than 11,000 employees to meet new demand for outsourced services. But the shift to remote work brought new email security risks. “Our people are good at what they do, but they’re not email security specialists, and attackers know that."
Read More
Resource 03 COATS
With Abnormal ICES layered over Microsoft Defender, Coats employees are free to focus on continuing the company’s 250-year tradition of innovation, rather than sorting through emails and trying to assess the risks.
Read More
Webinar phish soc cover
Most people believe that the SOC is on the front lines, defending the castles against the forces of darkness. And while that’s true, it’s never quite as heroic as we’d like it to be.
Watch Now
Fireside chat katz cover
Legitimate email communications often contain links and attachments, and employees need to click on those links and attachments to do their jobs. Unfortunately, securing the enterprise often means stopping employees from doing so in an effort to stop bad actors from gaining access to systems or stealing money.
Watch Now
Fortune 200 wealth cover
As a leader in insurance and asset management, this Fortune 200 company recognizes that its security must protect its employees and customers from cyber attacks. Customers place their trust and their assets in the control of this company, so the security team built a robust solution reducing risk, gaining visibility, and securing user identity—the new perimeter.
Read More
Gateway church cover
Gateway chose Abnormal Security because of its uncompromising approach to prevent the email attacks that matter most. In the two years since they've deployed Abnormal, Gateway has not experienced a successful advanced email attack.
Read More
Human element whitepaper cover
The challenge of dealing with cybercrime is complex. Human factors and the human-computer interface are a central component of cybersecurity, and while technology alone will not prevent cybercrime, neither will people. People alone also can also not be relied upon as a last line of defense in an organization’s cybersecurity strategy.
Download Now
Human element webinar cover 2
Cybersecurity is largely a behavioral concern, as cybercriminals use social engineering to trick people into transferring money, entering their credentials, or providing access to sensitive data.
Watch Now
Key considerations webinar cover
Email is both a necessary communication medium, and the most vulnerable area for an attack. Year after year, adversaries find success in abusing email to gain a foothold into an organization—deploying malware, leaking valuable data, or stealing millions of dollars.
Watch Now
B Gartner Highlights 1
The Gartner Market Guide for Email Security explains what integrated cloud email security (ICES) solutions are and why they’re essential for modern enterprises. Download a copy now to learn why enterprises are moving away from the SEG.
Read More